Hands-On Spring Security 5 for Reactive Applications: learn effective ways to secure your applications with Spring and Spring WebFlux

Secure your Java applications by integrating the Spring Security framework in your code. Key Features: Provide authentication, authorization and other security features for Java applications. Learn how to secure microservices, cloud, and serverless applications easily. Understand the code behind the im...

Bibliographic Details
Other Authors: John, Tomcy, author
Format: E-book
Language: English
Published: Birmingham ; Mumbai : Packt 2018.
Edition: 1st edition
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630748206719
Table of Contents:
  • Cover
  • Title Page
  • Copyright and Credits
  • Dedication
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Overview of Spring 5 and Spring Security 5
  • How examples are structured
  • New-generation application requirements
  • Reactive programming
  • Reactive applications
  • Reactive Manifesto
  • Responsive
  • Resilient
  • Elastic
  • Message-driven
  • Spring Framework
  • Reactive Landscape in Java
  • Reactive Streams and Reactive Streams Specifications
  • Non-blocking
  • Backpressure
  • Reactive Extensions
  • RxJava
  • Reactive Streams and RxJava
  • JDK 9 additions
  • Important interfaces
  • The Publisher Interface
  • The Subscriber Interface
  • The Subscription interface
  • The Processor interface
  • Spring Framework and reactive applications
  • Modules in Reactor
  • Reactive types in Reactor Core
  • The Flux reactive type
  • The Mono reactive type
  • Data stream types
  • Reactor and RxJava
  • Reactive Web Application
  • Spring WebFlux
  • Reactive Spring Web
  • WebClient
  • WebSockets
  • Application security
  • Spring Security
  • Spring Security terminologies
  • Spring Security's core features
  • Authentication
  • Authorization
  • Spring Security 5's new features
  • Working of Spring Security
  • Servlet Filter
  • Filter Chain
  • Security Interceptor (DelegatingFilterProxy)
  • Core Spring Security modules
  • Summary
  • Chapter 2: Deep Diving into Spring Security
  • Authentication
  • Setting up AuthenticationManager
  • AuthenticationProvider
  • Custom AuthenticationProvider
  • Multiple AuthenticationProvider
  • Sample application
  • Base project setup
  • Step 1-Create a Maven project in IntelliJ IDEA
  • Step 2-pom.xml changes
  • Step 3-MySQL database schema setup
  • Step 4-Setting up MySQL database properties in your project
  • Step 5-Spring application configuration
  • Step 6-Web application configuration.
  • Step 7-Spring MVC setup
  • Step 8-Controller setup
  • Step 9-JSP creation
  • Spring Security setup
  • Step 1-Spring Security configuration setup
  • Step 2-Spring Security setup for a web application
  • Running the application
  • In-memory user storage
  • Run as Spring Boot
  • Authorization
  • Web URL
  • Method invocation
  • Domain instance
  • Other Spring Security capabilities
  • Summary
  • Chapter 3: Authentication Using SAML, LDAP, and OAuth/OIDC
  • Security Assertion Markup Language
  • Setting up an SSO provider
  • Setting up the project
  • The pom.xml file setup
  • The application.yml file setup
  • The Spring Security configuration files
  • The resources folder setup
  • Running and testing the application
  • Lightweight Directory Access Protocol
  • Set up dependencies in the pom.xml file
  • Spring Security configuration
  • LDAP server setup
  • Setting up users in the LDAP server
  • Running the application
  • Seeing the application in action on a browser
  • OAuth2 and OpenID Connect
  • Setting up a project
  • Bootstrap Spring project using Spring Initializr
  • Inclusion of OAuth libraries in pom.xml
  • Setting up provider details in application.properties
  • Provider setup
  • Default application change
  • The HomeController class
  • The home.jsp file
  • Spring Boot main application class change
  • Running the application
  • Summary
  • Chapter 4: Authentication Using CAS and JAAS
  • CAS
  • CAS server setup
  • Git clone
  • Adding additional dependencies
  • Setting up the resources folder in the project
  • Creating the application.properties file
  • Creating a local SSL keystore
  • Creating the .crt file to be used by the client
  • Exporting the .crt file to Java and the JRE cacert keystore
  • Building a CAS server project and running it
  • Registering a client with the CAS server
  • JSON service configuration.
  • Additional application.properties file changes
  • CAS client setup
  • Bootstrap Spring project using Spring Initializr
  • Including CAS libraries in pom.xml
  • Changing the application.properties file
  • Additional bean configuration
  • ServiceProperties bean
  • AuthenticationEntryPoint bean
  • TicketValidator bean
  • CasAuthenticationProvider bean
  • Setting up Spring Security
  • Creating the CasAuthenticationFilter bean
  • Setting up the controller
  • Running the application
  • Java Authentication and Authorization Service
  • Setting up a project
  • Setting up Maven project
  • Setting up LoginModule
  • Setting up a custom principal
  • Setting up a custom AuthorityGranter
  • Configuration files
  • Application configuration
  • Spring MVC configuration
  • Spring Security configuration
  • Controllers
  • Setting up pages
  • Running the application
  • Kerberos
  • Custom AuthenticationEntryPoint
  • Multiple AuthenticationEntryPoint
  • PasswordEncoder
  • Salt
  • Custom filters
  • Summary
  • Chapter 5: Integrating with Spring WebFlux
  • Spring MVC versus WebFlux
  • When to choose what?
  • Reactive support in Spring 5
  • Reactive in Spring MVC
  • Spring WebFlux
  • HandlerFunction
  • RouterFunction
  • Spring WebFlux server support
  • Reactive WebClient
  • Reactive WebTestClient
  • Reactive WebSocket
  • Spring WebFlux authentication architecture
  • Spring WebFlux authorization
  • Sample project
  • WebFlux project setup
  • Maven setup
  • Configuration class
  • The SpringWebFluxConfig class
  • Repository
  • Handler and router
  • Bootstrap application
  • Running the application
  • Adding security
  • Configuration classes
  • The UserDetailsService bean
  • The SpringSecurityFilterChain bean
  • Running the application
  • CURL
  • Browser
  • WebClient
  • Maven setup
  • Creating a WebClient instance
  • Handling errors
  • Sending requests and retrieving responses.
  • Running and testing the application
  • Unit testing (WebTestClient)
  • Maven dependency
  • Test class
  • Spring Data
  • Maven dependency
  • MongoDB configuration
  • Setting up a model
  • Implementing a repository
  • Implementing a controller
  • Running the application
  • Authorization
  • Method security
  • Customization
  • Writing custom filters
  • Using WebFilter
  • Using HandlerFilterFunction
  • Summary
  • Chapter 6: REST API Security
  • Important concepts
  • REST
  • JSON Web Token (JWT)
  • Structure of a token
  • Header
  • Payload
  • Signature
  • Modern application architecture
  • SOFEA
  • Reactive REST API
  • Simple REST API security
  • Spring Security configuration
  • Authentication success handler
  • Custom WebFilter namely JWTAuthWebFilter
  • New controller classes
  • Running the application and testing
  • Advanced REST API security
  • OAuth2 roles
  • Resource owner
  • Resource server
  • Client
  • Authorization server
  • Authorization grant types
  • Authorization code flow
  • Implicit flow
  • Client credentials
  • Resource owner password credentials
  • Access Token and Refresh Token
  • Spring Security OAuth project
  • OAuth2 and Spring WebFlux
  • Spring Boot and OAuth2
  • Sample project
  • Authorization server
  • Maven dependencies
  • Spring Boot run class
  • Spring Security config
  • Authorization server config
  • Application properties
  • Resource server
  • Maven dependencies
  • Spring Boot run class
  • Resource server config
  • Spring Security config
  • Spring MVC config class
  • Controller class
  • Application properties
  • Client application
  • Maven dependencies
  • Spring Boot class
  • OAuth client config
  • Spring Security config
  • Controller classes
  • Templates
  • Application properties
  • Running the project
  • Summary
  • Chapter 7: Spring Security Add-Ons
  • Remember-me authentication
  • Creating a new table in MySQL database.
  • Spring Security configuration
  • The custom login page
  • Running the application and testing
  • Session management
  • CSRF
  • CSP
  • CSP using Spring Security
  • Channel security
  • CORS Support
  • The Crypto module
  • Password encoding
  • Encryption
  • Key generation
  • Secret management
  • Starting by unsealing Vault
  • The Spring Boot project
  • The Maven dependency
  • HTTP Data Integrity Validator
  • What is HDIV?
  • The Bootstrap project
  • Maven dependencies
  • Spring Security configuration
  • Spring MVC configuration
  • HDIV configuration
  • The Model class
  • The Controller class
  • Pages
  • Running the application
  • Custom DSL
  • Summary
  • Other Books You May Enjoy
  • Index.